FindBugs Bug Detector Report
The following document contains the results of FindBugs Report
FindBugs Version is 2.0.2
Threshold is medium
Effort is min
Summary
| Classes |
Bugs |
Errors |
Missing Classes |
| 365 |
56 |
0 |
0 |
org.apache.maven.DefaultMaven
| Bug |
Category |
Details |
Line |
Priority |
| exceptional return value of java.io.File.mkdirs() ignored in org.apache.maven.DefaultMaven.validateLocalRepository(MavenExecutionRequest) |
BAD_PRACTICE |
RV_RETURN_VALUE_IGNORED_BAD_PRACTICE |
565 |
Medium |
org.apache.maven.artifact.handler.DefaultArtifactHandler
| Bug |
Category |
Details |
Line |
Priority |
| Unwritten field: org.apache.maven.artifact.handler.DefaultArtifactHandler.classifier |
CORRECTNESS |
UWF_UNWRITTEN_FIELD |
78 |
Medium |
org.apache.maven.artifact.metadata.AbstractArtifactMetadata
| Bug |
Category |
Details |
Line |
Priority |
| The class name org.apache.maven.artifact.metadata.AbstractArtifactMetadata shadows the simple name of the superclass org.apache.maven.repository.legacy.metadata.AbstractArtifactMetadata |
BAD_PRACTICE |
NM_SAME_SIMPLE_NAME_AS_SUPERCLASS |
31-32 |
High |
org.apache.maven.artifact.metadata.ArtifactMetadataRetrievalException
| Bug |
Category |
Details |
Line |
Priority |
| The class name org.apache.maven.artifact.metadata.ArtifactMetadataRetrievalException shadows the simple name of the superclass org.apache.maven.repository.legacy.metadata.ArtifactMetadataRetrievalException |
BAD_PRACTICE |
NM_SAME_SIMPLE_NAME_AS_SUPERCLASS |
33-54 |
High |
org.apache.maven.artifact.metadata.ArtifactMetadataSource
| Bug |
Category |
Details |
Line |
Priority |
| The class name org.apache.maven.artifact.metadata.ArtifactMetadataSource shadows the simple name of implemented interface org.apache.maven.repository.legacy.metadata.ArtifactMetadataSource |
BAD_PRACTICE |
NM_SAME_SIMPLE_NAME_AS_INTERFACE |
Not available |
Medium |
org.apache.maven.artifact.metadata.ResolutionGroup
| Bug |
Category |
Details |
Line |
Priority |
| The class name org.apache.maven.artifact.metadata.ResolutionGroup shadows the simple name of the superclass org.apache.maven.repository.legacy.metadata.ResolutionGroup |
BAD_PRACTICE |
NM_SAME_SIMPLE_NAME_AS_SUPERCLASS |
37-44 |
High |
org.apache.maven.artifact.repository.metadata.AbstractRepositoryMetadata
| Bug |
Category |
Details |
Line |
Priority |
| exceptional return value of java.io.File.delete() ignored in org.apache.maven.artifact.repository.metadata.AbstractRepositoryMetadata.updateRepositoryMetadata(ArtifactRepository, ArtifactRepository) |
BAD_PRACTICE |
RV_RETURN_VALUE_IGNORED_BAD_PRACTICE |
105 |
Medium |
| exceptional return value of java.io.File.mkdirs() ignored in org.apache.maven.artifact.repository.metadata.AbstractRepositoryMetadata.updateRepositoryMetadata(ArtifactRepository, ArtifactRepository) |
BAD_PRACTICE |
RV_RETURN_VALUE_IGNORED_BAD_PRACTICE |
153 |
Medium |
| exceptional return value of java.io.File.setLastModified(long) ignored in org.apache.maven.artifact.repository.metadata.AbstractRepositoryMetadata.updateRepositoryMetadata(ArtifactRepository, ArtifactRepository) |
BAD_PRACTICE |
RV_RETURN_VALUE_IGNORED_BAD_PRACTICE |
167 |
Medium |
org.apache.maven.artifact.repository.metadata.RepositoryMetadataDeploymentException
| Bug |
Category |
Details |
Line |
Priority |
| Class org.apache.maven.artifact.repository.metadata.RepositoryMetadataDeploymentException is not derived from an Exception, even though it is named as such |
BAD_PRACTICE |
NM_CLASS_NOT_EXCEPTION |
32-39 |
Medium |
org.apache.maven.artifact.repository.metadata.RepositoryMetadataInstallationException
| Bug |
Category |
Details |
Line |
Priority |
| Class org.apache.maven.artifact.repository.metadata.RepositoryMetadataInstallationException is not derived from an Exception, even though it is named as such |
BAD_PRACTICE |
NM_CLASS_NOT_EXCEPTION |
32-39 |
Medium |
org.apache.maven.artifact.resolver.filter.IncludesArtifactFilter
| Bug |
Category |
Details |
Line |
Priority |
| Potentially dangerous use of non-short-circuit logic in org.apache.maven.artifact.resolver.filter.IncludesArtifactFilter.include(Artifact) |
STYLE |
NS_DANGEROUS_NON_SHORT_CIRCUIT |
50 |
High |
org.apache.maven.execution.DefaultMavenExecutionRequest
| Bug |
Category |
Details |
Line |
Priority |
| org.apache.maven.execution.DefaultMavenExecutionRequest.getStartTime() may expose internal representation by returning DefaultMavenExecutionRequest.startTime |
MALICIOUS_CODE |
EI_EXPOSE_REP |
285 |
Medium |
| org.apache.maven.execution.DefaultMavenExecutionRequest.setStartTime(Date) may expose internal representation by storing an externally mutable object into DefaultMavenExecutionRequest.startTime |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
425 |
Medium |
org.apache.maven.execution.SettingsAdapter
| Bug |
Category |
Details |
Line |
Priority |
| Class org.apache.maven.execution.SettingsAdapter defines non-transient non-serializable instance field runtimeInfo |
BAD_PRACTICE |
SE_BAD_FIELD |
Not available |
Medium |
org.apache.maven.lifecycle.DefaultLifecycles
| Bug |
Category |
Details |
Line |
Priority |
| Arguments in wrong order for invocation of checkNotNull in org.apache.maven.lifecycle.DefaultLifecycles.getLifeCycles() |
CORRECTNESS |
DMI_ARGUMENTS_WRONG_ORDER |
125 |
Medium |
| org.apache.maven.lifecycle.DefaultLifecycles.STANDARD_LIFECYCLES is a mutable array |
MALICIOUS_CODE |
MS_MUTABLE_ARRAY |
48 |
High |
org.apache.maven.lifecycle.internal.LifecycleModuleBuilder
| Bug |
Category |
Details |
Line |
Priority |
| Unread field: org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.projectExecutionListeners |
PERFORMANCE |
URF_UNREAD_FIELD |
73 |
Medium |
org.apache.maven.lifecycle.internal.LifecycleStarter
| Bug |
Category |
Details |
Line |
Priority |
| Exception is caught when Exception is not thrown in org.apache.maven.lifecycle.internal.LifecycleStarter.execute(MavenSession) |
STYLE |
REC_CATCH_EXCEPTION |
123 |
Medium |
org.apache.maven.lifecycle.internal.MojoDescriptorCreator
| Bug |
Category |
Details |
Line |
Priority |
| Possible null pointer dereference of plugin in org.apache.maven.lifecycle.internal.MojoDescriptorCreator.getMojoDescriptor(String, MavenSession, MavenProject) |
CORRECTNESS |
NP_NULL_ON_SOME_PATH |
228 |
Medium |
| org.apache.maven.lifecycle.internal.MojoDescriptorCreator.getMojoDescriptor(String, MavenSession, MavenProject) concatenates strings using + in a loop |
PERFORMANCE |
SBSC_USE_STRINGBUFFER_CONCATENATION |
174 |
Medium |
org.apache.maven.lifecycle.internal.builder.multithreaded.ConcurrencyDependencyGraph
| Bug |
Category |
Details |
Line |
Priority |
| java.util.HashSet<org.apache.maven.project.MavenProject> is incompatible with expected argument type org.apache.maven.project.MavenProject in org.apache.maven.lifecycle.internal.builder.multithreaded.ConcurrencyDependencyGraph.getUnfinishedProjects() |
CORRECTNESS |
GC_UNRELATED_TYPES |
113 |
High |
org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer
| Bug |
Category |
Details |
Line |
Priority |
| Found reliance on default encoding in new org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer(ProjectBuildList, PrintStream): new java.io.PrintStream(OutputStream) |
I18N |
DM_DEFAULT_ENCODING |
57 |
High |
| Naked notify in org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer.setThisModuleComplete(ProjectSegment) |
MT_CORRECTNESS |
NN_NAKED_NOTIFY |
198 |
Medium |
| new org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer(ProjectBuildList, PrintStream) invokes Thread.start() |
MT_CORRECTNESS |
SC_START_IN_CTOR |
153 |
Medium |
org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer$ThreadBoundPrintStream
| Bug |
Category |
Details |
Line |
Priority |
| Found reliance on default encoding in new org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer$ThreadBoundPrintStream(ThreadOutputMuxer, PrintStream): new org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer$ThreadBoundPrintStream(OutputStream) |
I18N |
DM_DEFAULT_ENCODING |
214 |
High |
org.apache.maven.lifecycle.mapping.DefaultLifecycleMapping
| Bug |
Category |
Details |
Line |
Priority |
| Unwritten field: org.apache.maven.lifecycle.mapping.DefaultLifecycleMapping.lifecycles |
CORRECTNESS |
UWF_UNWRITTEN_FIELD |
46 |
Medium |
| Unwritten field: org.apache.maven.lifecycle.mapping.DefaultLifecycleMapping.phases |
CORRECTNESS |
UWF_UNWRITTEN_FIELD |
103 |
Medium |
org.apache.maven.lifecycle.mapping.Lifecycle
| Bug |
Category |
Details |
Line |
Priority |
| Unused field: org.apache.maven.lifecycle.mapping.Lifecycle.optionalMojos |
PERFORMANCE |
UUF_UNUSED_FIELD |
Not available |
Medium |
org.apache.maven.plugin.DefaultBuildPluginManager
| Bug |
Category |
Details |
Line |
Priority |
| Found reliance on default encoding in org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(MavenSession, MojoExecution): java.io.ByteArrayOutputStream.toString() |
I18N |
DM_DEFAULT_ENCODING |
164 |
High |
| Found reliance on default encoding in org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(MavenSession, MojoExecution): new java.io.PrintStream(OutputStream) |
I18N |
DM_DEFAULT_ENCODING |
159 |
High |
| Unread field: org.apache.maven.plugin.DefaultBuildPluginManager.mojoExecutionListeners |
PERFORMANCE |
URF_UNREAD_FIELD |
65 |
Medium |
org.apache.maven.plugin.internal.DefaultMavenPluginManager
| Bug |
Category |
Details |
Line |
Priority |
| Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.getConfiguredMojo(Class, MavenSession, MojoExecution): java.io.ByteArrayOutputStream.toString() |
I18N |
DM_DEFAULT_ENCODING |
481 |
High |
| Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.getConfiguredMojo(Class, MavenSession, MojoExecution): new java.io.PrintStream(OutputStream) |
I18N |
DM_DEFAULT_ENCODING |
476 |
High |
| Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.populatePluginFields(Object, MojoDescriptor, ClassRealm, PlexusConfiguration, ExpressionEvaluator): java.io.ByteArrayOutputStream.toString() |
I18N |
DM_DEFAULT_ENCODING |
621 |
High |
| Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.populatePluginFields(Object, MojoDescriptor, ClassRealm, PlexusConfiguration, ExpressionEvaluator): new java.io.PrintStream(OutputStream) |
I18N |
DM_DEFAULT_ENCODING |
616 |
High |
org.apache.maven.plugin.internal.DefaultPluginManager
| Bug |
Category |
Details |
Line |
Priority |
| Exception is caught when Exception is not thrown in org.apache.maven.plugin.internal.DefaultPluginManager.getPluginDescriptorForPrefix(String) |
STYLE |
REC_CATCH_EXCEPTION |
193 |
Medium |
org.apache.maven.plugin.prefix.NoPluginFoundForPrefixException
| Bug |
Category |
Details |
Line |
Priority |
| org.apache.maven.plugin.prefix.NoPluginFoundForPrefixException.format(LocalRepository, List) concatenates strings using + in a loop |
PERFORMANCE |
SBSC_USE_STRINGBUFFER_CONCATENATION |
55 |
Medium |
org.apache.maven.plugin.version.PluginVersionResolutionException
| Bug |
Category |
Details |
Line |
Priority |
| org.apache.maven.plugin.version.PluginVersionResolutionException.format(LocalRepository, List) concatenates strings using + in a loop |
PERFORMANCE |
SBSC_USE_STRINGBUFFER_CONCATENATION |
97 |
Medium |
org.apache.maven.project.DefaultProjectBuilder
| Bug |
Category |
Details |
Line |
Priority |
| Nullcheck of DefaultProjectBuilder.repositorySystem at line 798 of value previously dereferenced in org.apache.maven.project.DefaultProjectBuilder.initProject(MavenProject, Map, ModelBuildingResult, Map, ProjectBuildingRequest) |
CORRECTNESS |
RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE |
697 |
Medium |
org.apache.maven.project.DefaultProjectBuildingHelper
| Bug |
Category |
Details |
Line |
Priority |
| Load of known null value in org.apache.maven.project.DefaultProjectBuildingHelper.createProjectRealm(MavenProject, Model, ProjectBuildingRequest) |
STYLE |
NP_LOAD_OF_KNOWN_NULL_VALUE |
247 |
Medium |
org.apache.maven.project.DefaultProjectBuildingRequest
| Bug |
Category |
Details |
Line |
Priority |
| org.apache.maven.project.DefaultProjectBuildingRequest.getBuildStartTime() may expose internal representation by returning DefaultProjectBuildingRequest.buildStartTime |
MALICIOUS_CODE |
EI_EXPOSE_REP |
305 |
Medium |
| org.apache.maven.project.DefaultProjectBuildingRequest.setBuildStartTime(Date) may expose internal representation by storing an externally mutable object into DefaultProjectBuildingRequest.buildStartTime |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
310 |
Medium |
org.apache.maven.project.MavenProject
| Bug |
Category |
Details |
Line |
Priority |
| Redundant nullcheck of org.apache.maven.project.MavenProject.getBuild(), which is known to be non-null in org.apache.maven.project.MavenProject.getDefaultGoal() |
STYLE |
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE |
1111 |
Medium |
org.apache.maven.project.ProjectModelResolver
| Bug |
Category |
Details |
Line |
Priority |
| Unread field: org.apache.maven.project.ProjectModelResolver.context; should this field be static? |
PERFORMANCE |
SS_SHOULD_BE_STATIC |
66 |
Medium |
org.apache.maven.project.ProjectModelResolver$1
org.apache.maven.project.artifact.DefaultMavenMetadataCache$CacheRecord
| Bug |
Category |
Details |
Line |
Priority |
| Should org.apache.maven.project.artifact.DefaultMavenMetadataCache$CacheRecord be a _static_ inner class? |
PERFORMANCE |
SIC_INNER_SHOULD_BE_STATIC |
214-290 |
Medium |
org.apache.maven.repository.ArtifactTransferEvent
| Bug |
Category |
Details |
Line |
Priority |
| org.apache.maven.repository.ArtifactTransferEvent.getDataBuffer() may expose internal representation by returning ArtifactTransferEvent.dataBuffer |
MALICIOUS_CODE |
EI_EXPOSE_REP |
218 |
Medium |
| org.apache.maven.repository.ArtifactTransferEvent.setDataBuffer(byte[]) may expose internal representation by storing an externally mutable object into ArtifactTransferEvent.dataBuffer |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
223 |
Medium |
org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader
| Bug |
Category |
Details |
Line |
Priority |
| Dead store to parsed in org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.parsePersistedToolchains(XmlPullParser, boolean) |
STYLE |
DLS_DEAD_LOCAL_STORE |
594 |
High |
| Redundant nullcheck of toolchains, which is known to be non-null in org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.parsePersistedToolchains(XmlPullParser, boolean) |
STYLE |
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE |
600 |
Medium |
| Private method org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.getBooleanValue(String, String, XmlPullParser) is never called |
PERFORMANCE |
UPM_UNCALLED_PRIVATE_METHOD |
150 |
Medium |
| Private method org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.getDateValue(String, String, XmlPullParser) is never called |
PERFORMANCE |
UPM_UNCALLED_PRIVATE_METHOD |
238 |
Medium |
